Sven Stueven commented on Mar 28, 2014

Re: Restricting multiple simultaneous sessions in IBM WebSphere Portal

Instead of calling a remote servlet to execute logout code you can simply work with a SessionValidationFilter. Store the hostname where the last login happened into a shared DB and in a SessionValidationFilter check if the login happend on the current node. If not, send a redirect to the logout URL. By that the last login will always win. It is important that in a cluster case you configure session affinity for this case.

Varma K v s s r commented on Mar 20, 2011

Re: Restricting multiple simultaneous sessions in IBM WebSphere Portal

Very good article about maintaining single session. But is there a way to prevent this access, in the case of opening a new window from an existing browser window, (when the cookie is propagated ). Can this handling be done in portal 6.1?